SC-100 Question #254: Real Exam Question with Answer & Explanation

Question

You have an Azure subscription that contains multiple Azure Blob Storage accounts. You need to recommend a solution to detect threats in files after the files are uploaded to a blob container. What should you include in the recommendation?

Options

• Asensitive data threat detection in Microsoft Defender for Storage
• Bruntime threat protection in Microsoft Defender for Containers
• Cvulnerability assessment in Microsoft Defender for Containers
• Dmalware scanning in Microsoft Defender for Storage

Explanation

{"question_number": 7, "correct_answer": "D", "explanation": "Malware scanning in Microsoft Defender for Storage is specifically designed to scan files uploaded to Azure Blob Storage containers for malware. It triggers on new blob uploads, analyzes the file content using Microsoft Defender Antivirus engines, and raises alerts when malicious files are detected - directly satisfying the requirement to detect threats in files after upload. Sensitive data threat detection in Defender for Storage (A) detects anomalous access patterns to sensitive data (e.g., unusual data access), not malware in file content. Runtime threat protection in Defender for Containers (B) protects running container workloads, not blob storage content. Vulnerability assessment in Defender for Containers (C) scans container images for known CVEs in software packages, not blob storage files for malware.", "generated_by": "claude-sonnet", "llm_judge_score": 5}

No community discussion yet for this question.